Mail archive
alpine-aports

[alpine-aports] [PATCH] main/lxc: update to 1.1.5

From: Stuart Cardall <developer_at_it-offshore.co.uk>
Date: Fri, 13 Nov 2015 05:37:47 +0000

This is the fifth bugfix release for LXC 1.1.
https://linuxcontainers.org/lxc/news/

setproctile patch is already commited upstream:
        https://github.com/lxc/lxc/commit/2681c0e7eae2c4008fc6bc79a4c128cbaca8beab

download-template patch fixes the download directory if /tmp is mounted separately
(& is therefore probably either a tmpfs / zram or mounted noexec).
---
 main/lxc/APKBUILD                         | 22 +++++++++++++---------
 main/lxc/download-template-tmpfs.patch    | 23 +++++++++++++++++++++++
 main/lxc/setproctitle-info-not-warn.patch | 13 +++++++++++++
 3 files changed, 49 insertions(+), 9 deletions(-)
 create mode 100644 main/lxc/download-template-tmpfs.patch
 create mode 100644 main/lxc/setproctitle-info-not-warn.patch
diff --git a/main/lxc/APKBUILD b/main/lxc/APKBUILD
index 8da83e9..32bdb48 100644
--- a/main/lxc/APKBUILD
+++ b/main/lxc/APKBUILD
_at_@ -2,9 +2,9 @@
 # Contributor: William Pitcock <nenolod_at_dereferenced.org>
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=lxc
-pkgver=1.1.3
+pkgver=1.1.5
 _mypkgver=${pkgver/_rc/.rc}
-pkgrel=2
+pkgrel=0
 pkgdesc="linux containers - tools"
 url="http://lxc.sourceforge.net/"
 arch="all"
_at_@ -20,7 +20,8 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-lvm lua5.2-lxc:_lua52
 source="https://github.com/lxc/lxc/archive/lxc-$_mypkgver.tar.gz
 	0001-Clone-bridge-interface-MTU-setting.patch
 	version.patch
-	CVE-2015-1335.patch
+	download-template-tmpfs.patch
+	setproctitle-info-not-warn.patch
 	lxc.initd
 	"
 
_at_@ -89,18 +90,21 @@ dev() {
 		"$pkgdir"/usr/bin/ || return 1
 }
 
-md5sums="680198729359bd5e58dc14ce617e72b1  lxc-1.1.3.tar.gz
+md5sums="a7a1b0699bce6fdc31cd512afeff479e  lxc-1.1.5.tar.gz
 d41088af5dee2e2df7975bb33d5d1537  0001-Clone-bridge-interface-MTU-setting.patch
 79e90616b5049a472ccdcb5b1dcdd8b1  version.patch
-7327d4e94f1f23473d82c1fe98706eb2  CVE-2015-1335.patch
+e8fd932f3ec6d52d7b4c183fc58c0b24  download-template-tmpfs.patch
+bd7419669ed6c5578d876ef8a4d06c38  setproctitle-info-not-warn.patch
 1e47412382517ee2adcbca00f07377ca  lxc.initd"
-sha256sums="b75fb8e376d3313e152f31fb7372b68f33a953a12191a39de4cded04fff94300  lxc-1.1.3.tar.gz
+sha256sums="eefce4cc679656cb8636bf0849f3ba6981c48167884e13dbcb377820a717c09c  lxc-1.1.5.tar.gz
 e9a6c2e5f98a5f03bf772333c91efe7dafbc4f8d699dced73859e7d6c98d2d42  0001-Clone-bridge-interface-MTU-setting.patch
 b6d85fb23940d2511b3951de56b2532843c0e03ec1613548366361cc0c1a46b9  version.patch
-85af34f968ed1e00de357c2ff6d3234c144f53878a707d1d5f8d864407f23726  CVE-2015-1335.patch
+8cb638f927d51f05884439e6db15092e902a9c59ef830cbdcb07d88f5cff11e1  download-template-tmpfs.patch
+d5a2194d1d9dc8b171668532b8f8f26d0e1a4bb8fcea9694d28a5fbc850698ad  setproctitle-info-not-warn.patch
 ce4c30c65832c4b79df1c3c1ef6a444247e2866ab24690f1476e7b98b722fac1  lxc.initd"
-sha512sums="cafa4fbe4fe23b8c0b98007a79f20899c4a3b98c51d797b9c16e38dfec1eee5a513b58621308fe6551707d38028d9e5bd78ade8822691ffe4a7a369b10a48dda  lxc-1.1.3.tar.gz
+sha512sums="e48ab549f1317afcb5f7768ab988ba27a3e9f1458504e1d70b2e27c502233e7b3538b8ce0b79940140a59a37681bcd8e459416e814f9e4814a4ed86b89e8df1c  lxc-1.1.5.tar.gz
 6c4dc0a53ba8947a37faa14bb81a7bbed7a88fb118513842f5a5a37e9d23fbd2bee4f8f513d3f686a34d373869008ee5ccbd4b9e20615d4b9e4b8139119adce3  0001-Clone-bridge-interface-MTU-setting.patch
 e2ffcbf55447291a8434a4f37255c3a6a119bc4116c75d205006aa2b070bf6be28535cf6107bead14bbf64bf9fa415346ab544bd1c15e1add7d1c6380e6b2def  version.patch
-d8b0a7827a96a4d5c10e7ebf7ca65f415f6895d3b6371cfc1edda2a9a07ea99b9d3db5d8e5cc542ad88b25e717534755faa9938901183a90c7587d83d3fa81aa  CVE-2015-1335.patch
+b3b8c47a8594cefff58cef74efe9e6bf0dd8422a40289c4398ea34e61d04dd3d95c567e880a4b123df42ffac3fae179b63b130b357eb6659f73f922f2908d971  download-template-tmpfs.patch
+b839650c9be38a7c6e9c327c04433ec72043cca039bed34c6b8a30d1ce5fa9ed40ae71ab6bb7e7b2cd144af7670bbe4737d5a86e61e31cd006aa6234b93256ec  setproctitle-info-not-warn.patch
 4ff815d354f022854535a0069033f314263623ead48220d732683d5a268f14f221cbfe1aa9515adf1c2e47de71f1b1f1dda374a1f5f15d6f7025d2de91143d9a  lxc.initd"
diff --git a/main/lxc/download-template-tmpfs.patch b/main/lxc/download-template-tmpfs.patch
new file mode 100644
index 0000000..de36c36
--- /dev/null
+++ b/main/lxc/download-template-tmpfs.patch
_at_@ -0,0 +1,23 @@
+--- a/templates/lxc-download.in
++++ b/templates/lxc-download.in
+_at_@ -298,11 +298,15 @@ fi
+ # Trap all exit signals
+ trap cleanup EXIT HUP INT TERM
+ 
+-if ! type mktemp >/dev/null 2>&1; then
+-    DOWNLOAD_TEMP=/tmp/lxc-download.$$
+-    mkdir -p $DOWNLOAD_TEMP
+-else
+-    DOWNLOAD_TEMP=$(mktemp -d)
++if ! grep -qw '/tmp' /proc/mounts; then
++    if ! type mktemp >/dev/null 2>&1; then
++        DOWNLOAD_TEMP=/tmp/lxc-download.$$
++        mkdir -p $DOWNLOAD_TEMP
++    else
++         DOWNLOAD_TEMP=$(mktemp -d)
++    fi
++else # /tmp may be mounted in tmpfs / zram or noexec
++    DOWNLOAD_TEMP=$(mktemp -d -p $LXC_PATH)
+ fi
+ 
+ # Simply list images
diff --git a/main/lxc/setproctitle-info-not-warn.patch b/main/lxc/setproctitle-info-not-warn.patch
new file mode 100644
index 0000000..5e7272c
--- /dev/null
+++ b/main/lxc/setproctitle-info-not-warn.patch
_at_@ -0,0 +1,13 @@
+### If you want the fancy proctitles, then you need to enable
+### CONFIG_CHECKPOINT_RESTORE in your kernel.
+--- a/src/lxc/utils.c
++++ b/src/lxc/utils.c
+_at_@ -1458,7 +1458,7 @@ int setproctitle(char *title)
+ 	if (ret == 0)
+ 		strcpy((char*)arg_start, title);
+ 	else
+-		SYSERROR("setting cmdline failed");
++		INFO("setting cmdline failed - %s", strerror(errno));
+ 
+ 	return ret;
+ }
-- 
2.6.3
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Fri Nov 13 2015 - 05:37:47 GMT